CVE-2023-20246

Summary

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Firepower Threat Defense Software7.0.0affected
CiscoCisco Firepower Threat Defense Software7.0.0.1affected
CiscoCisco Firepower Threat Defense Software7.0.1affected
CiscoCisco Firepower Threat Defense Software7.0.1.1affected
CiscoCisco Firepower Threat Defense Software7.0.2affected
CiscoCisco Firepower Threat Defense Software7.0.2.1affected
CiscoCisco Firepower Threat Defense Software7.0.3affected
CiscoCisco Firepower Threat Defense Software7.0.4affected
CiscoCisco Firepower Threat Defense Software7.0.5affected
CiscoCisco Firepower Threat Defense Software7.1.0affected
CiscoCisco Firepower Threat Defense Software7.1.0.1affected
CiscoCisco Firepower Threat Defense Software7.1.0.2affected
CiscoCisco Firepower Threat Defense Software7.1.0.3affected
CiscoCisco Firepower Threat Defense Software7.2.0affected
CiscoCisco Firepower Threat Defense Software7.2.0.1affected
CiscoCisco Firepower Threat Defense Software7.2.1affected
CiscoCisco Firepower Threat Defense Software7.2.2affected
CiscoCisco Firepower Threat Defense Software7.2.3affected
CiscoCisco Firepower Threat Defense Software7.3.0affected
CiscoCisco Firepower Threat Defense Software7.3.1affected
CiscoCisco Firepower Threat Defense Software7.3.1.1affected
CiscoCisco Umbrella Insights Virtual ApplianceN/Aaffected

Weaknesses

  • CWE-290: Authentication Bypass by Spoofing

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References